[OpenWrt-Devel] [PATCH 1/4] build: Add option KERNEL_UBSAN

Alexandru Ardelean ardeleanalex at gmail.com
Thu Feb 13 04:29:37 EST 2020 

On Wed, Feb 12, 2020 at 12:49 PM Hauke Mehrtens
<hauke.mehrtens at intel.com> wrote:
>
> The kernel Undefined Behavior Sanitizer is able to detect some memory
> bugs in the kernel like out of range array accesses.
>

Did some basic testing for the series to see that the symbol gets
enabled in the final .config of the kernel.
Both 4.14 & 4.19 on x86_64

Reviewed-by: Alexandru Ardelean <ardeleanalex at gmail.com>

> Signed-off-by: Hauke Mehrtens <hauke.mehrtens at intel.com>
> ---
>  config/Config-kernel.in          | 35 ++++++++++++++++++++++++++++++++
>  target/linux/generic/config-4.14 |  4 ++++
>  target/linux/generic/config-4.19 |  3 +++
>  3 files changed, 42 insertions(+)
>
> diff --git a/config/Config-kernel.in b/config/Config-kernel.in
> index 20930326ca..bf1c1055f1 100644
> --- a/config/Config-kernel.in
> +++ b/config/Config-kernel.in
> @@ -85,6 +85,41 @@ config KERNEL_PROFILING
>           Enable the extended profiling support mechanisms used by profilers such
>           as OProfile.
>
> +config KERNEL_UBSAN
> +       bool "Compile the kernel with undefined behaviour sanity checker"
> +       help
> +         This option enables undefined behaviour sanity checker
> +         Compile-time instrumentation is used to detect various undefined
> +         behaviours in runtime. Various types of checks may be enabled
> +         via boot parameter ubsan_handle
> +         (see: Documentation/dev-tools/ubsan.rst).
> +
> +config KERNEL_UBSAN_SANITIZE_ALL
> +       bool "Enable instrumentation for the entire kernel"
> +       depends on KERNEL_UBSAN
> +       default y
> +       help
> +         This option activates instrumentation for the entire kernel.
> +         If you don't enable this option, you have to explicitly specify
> +         UBSAN_SANITIZE := y for the files/directories you want to check for UB.
> +         Enabling this option will get kernel image size increased
> +         significantly.
> +
> +config KERNEL_UBSAN_ALIGNMENT
> +       bool "Enable checking of pointers alignment"
> +       depends on KERNEL_UBSAN
> +       help
> +         This option enables detection of unaligned memory accesses.
> +         Enabling this option on architectures that support unaligned
> +         accesses may produce a lot of false positives.
> +
> +config KERNEL_UBSAN_NULL
> +       bool "Enable checking of null pointers"
> +       depends on KERNEL_UBSAN
> +       help
> +         This option enables detection of memory accesses via a
> +         null pointer.
> +
>  config KERNEL_TASKSTATS
>         bool "Compile the kernel with task resource/io statistics and accounting"
>         default n
> diff --git a/target/linux/generic/config-4.14 b/target/linux/generic/config-4.14
> index 9681d9c278..73b0d77155 100644
> --- a/target/linux/generic/config-4.14
> +++ b/target/linux/generic/config-4.14
> @@ -1516,6 +1516,10 @@ CONFIG_GACT_PROB=y
>  # CONFIG_GAMEPORT is not set
>  # CONFIG_GATEWORKS_GW16083 is not set
>  # CONFIG_GCC_PLUGINS is not set
> +# CONFIG_GCC_PLUGIN_CYC_COMPLEXITY is not set
> +# CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set
> +# CONFIG_GCC_PLUGIN_RANDSTRUCT is not set
> +# CONFIG_GCC_PLUGIN_STRUCTLEAK is not set
>  # CONFIG_GCOV is not set
>  # CONFIG_GCOV_KERNEL is not set
>  # CONFIG_GDB_SCRIPTS is not set
> diff --git a/target/linux/generic/config-4.19 b/target/linux/generic/config-4.19
> index d8ea243fc7..aba7bccaf6 100644
> --- a/target/linux/generic/config-4.19
> +++ b/target/linux/generic/config-4.19
> @@ -1605,6 +1605,8 @@ CONFIG_GACT_PROB=y
>  # CONFIG_GAMEPORT is not set
>  # CONFIG_GATEWORKS_GW16083 is not set
>  # CONFIG_GCC_PLUGINS is not set
> +# CONFIG_GCC_PLUGIN_CYC_COMPLEXITY is not set
> +# CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set
>  # CONFIG_GCOV is not set
>  # CONFIG_GCOV_KERNEL is not set
>  # CONFIG_GDB_SCRIPTS is not set
> @@ -5197,6 +5199,7 @@ CONFIG_TCP_CONG_CUBIC=y
>  # CONFIG_TEST_STATIC_KEYS is not set
>  # CONFIG_TEST_STRING_HELPERS is not set
>  # CONFIG_TEST_SYSCTL is not set
> +# CONFIG_TEST_UBSAN is not set
>  # CONFIG_TEST_UDELAY is not set
>  # CONFIG_TEST_USER_COPY is not set
>  # CONFIG_TEST_UUID is not set
> --
> 2.17.1
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel

_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

More information about the openwrt-devel mailing list